Huge Security Concern with Tsu (New Social Network 7MM Investment)
Anyway here's the fun part...
So I decided to try it out, feel free to register using the "invite link" below (it's invite only right now), just don't use a password you use for anything else... http://tsu.co/dragmecom
Here's why...
Take a look when you're registering, notice how there's no SSL? Haha you guessed it, all of their information throughout the entire site is completely unencrypted. That means all passwords, emails, user addresses, etc. are unencrypted and visible to anyone and everyone.
You don't need to be a security expert to know this, it's almost text book knowledge for anyone who has ever interfaced with the web on a technical level. Soooooo my fellow hacker news friends, enjoy this new found information.
Maybe one of you might be so encouraged to post, "I love good security" via the founder's account. I tried to email the staff about the concern but still haven't received a response, maybe you all can "encourage" them to expedite patching this crucial security concern, and protect their users.
Happy cracking! :)
13 comments
[ 5.2 ms ] story [ 33.5 ms ] threadEDIT: May have been premature, but it is still suspicious.
http://www.sfgate.com/entertainment/article/Upstart-social-n...
^ Sebastian Sobczak is the founder, you're an idiot if you think I'd be posting security issues with my own startup.
Educate yourself.
It's not my startup and I'm not even remotely connected to it (like the pun?). I just submitted a link about it. Chill.
http://www.sfgate.com/entertainment/article/Upstart-social-n...
^ Sebastian Sobczak is the founder, you're an idiot if you think I'd be posting security issues with my own startup.
Educate yourself.